wolfSSL "Immediately Retired" From Fedora Linux For Failing To Follow Packaging Rules
WolfSSL is an embedded SSL/TLS library designed for a range of use-cases and available as open-source under the GNU GPLv2. WolfSSL was recently packaged and added to Fedora Linux since Netatalk began building against wolfSSL and, in the longer term, plans to require its use. So the Fedora packager of Netatalk went ahead with packaging up wolfSSL. But this in turn has led to issues, and as of today wolfSSL is being "immediately retired from Fedora."
The issue at hand is that Fedora has strict guidelines for ensuring that system-wide cryptographic policies are enforced. New crypto libraries also need to be confirmed by the (currently defunct) Fedora security team and need to undergo a legal review to ensure that the crypto implementations shipped can be legally provided by Fedora Linux.
WolfSSL made it into the Fedora repositories but these necessary steps were not followed. Thus the matter was raised to the Fedora Engineering and Steering Committee due to not meeting the requirements around new crypto libraries and also not undergoing the legal review.
At today's FESCo meeting it was decided to "immediately retire" the wolfSSL packages for Fedora and that the package maintainer, if interested, must re-submit the package and go through the necessary processes to potentially see it reinstated.
* TOPIC: #3267 wolfssl imported to Fedora after skipping MUST policy requirements for new crypto libraries (@decathorpe:fedora.im,17:41:06)
* AGREED: WolfSSL is immediately retired from Fedora. The maintainers may file a new package review request when WolfSSL respects the crypto system policy. This review request must be presented to the FPC, who must approve it before it is added back to the repositories. (+5, 0, -0) (@decathorpe:fedora.im, 17:50:40)
Thus, for now at least, don't look for wolfSSL in the Fedora package repositories.
WolfSSL is a great project, though, and with time will hopefully find its way back into Fedora Linux. Those wanting to learn more about this embedded SSL/TLS library can do so at wolfSSL.com.